I am have two networks with a Dlink DFL-260E firewall between them. Both networks use windows file sharing to transfer files. I need to restrict the file transfer so as to allow .xls and .xlsx files. How can the firewall be configured for this?

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
If this question can be reworded to fit the rules in the help center, please edit the question.

Have you checked the manual for any instructions about content inspection? That is the only way that any firewall is going to be able to determine any filetypes, and it may be that your firewall doesn't support this, or it does and the manual says how to use it.
–
dunxdDec 14 '12 at 15:37

3 Answers
3

A (packet-filtering) firewall is the wrong solution here. They have no knowledge (or at best very LIMITED knowledge) of what's actually being transferred.

From a broader perspective, it is impractical to examine all data going over the network and strip out everything that is "not an .xls or .xlsx file" -- I'm afraid that what you're asking for can't be done, or at least not in any practical real-world application...

As mentioned, firewalls don't really look at the content of the connection, only the connection details like IP address and port. It sounds like you are talking about IPS (Intrusion prevention). IPS looks at traffic (as long as its not encrypted) and you can block based on patters like regex.

That will let you filter by file extension. To do more, you will probably have to extend IIS with an ISAPI Filter. You can probably inspect the file for Magic numbers or xml schema to do a better check then the extension.